ESXI6.5 - NFS NOOB

  • I'm a noob in many ways here, to storage especially.
    I want to create an NFS share (named OMVnas) for storing ESXI vms. I have been playing with permissions, and I still think I'm getting denied by the user that I created (using NFS4). I allow the subnet, and I'm trying to keep this as simple as possible, however, when I add the share to ESXi, it cannot map the directory. It shows its there, as seen below.


    possibly I need a primer, but at this point, I only want my esxi user and my Admin users to have access to this. Thank you in advance.



    Code
    root@omvNuc:/export# showmount -e
    Export list for omvNuc:
    /export          192.168.29.0/24
    /export/VM_Store 192.168.29.0/24

    Adding logs from OMV. Does that 'NO PERMISSION' have to do with why I can't see anything... if so, I don't know how to fix it! I've toggled everything I can think of lol.

  • So, here are the things I did to overcome these issues. I don't know if they are "best practice," but what the heck, I don't know what I'm doing:


    1. In the NFS options I added this: subtree_check,no_root_squash
    2. I think that made it insecure, but no authentication was needed
    3. I made client my ESXI subnet.
    4. Now I can properly Add my NFS to ESXI
    5. Now I can upload VMs, create directories, subdirectories on share.
    6. There are still issues, for example, when I go to edit the settings of a VM, I get "An Error Occurred, Please try again". I have no idea if that is the VM, or related to the NFS.


    Questions: is this secure, or is there a better way?


    What does putting a quota on that share mean? I don't have a user authenticating, so that should mean that the space is "unlimited" for that NFS?


    Any clarification would be great.

    • Offizieller Beitrag

    1. In the NFS options I added this: subtree_check,no_root_squash
    2. I think that made it insecure, but no authentication was needed

    Yes, but depends, is this a secure network (vlan isolated)? like only esxi should be able to access the server. Maybe add some fw rules to prevent unauthorised mounting in the omv server, dhcp snooping and bind the physical port to an ip address. The last two should be done at the switch management



    Questions: is this secure, or is there a better way?

    i think it depend on the use. If this is home i would think is secure if is for personal use.



    What does putting a quota on that share mean? I don't have a user authenticating, so that should mean that the space is "unlimited" for that NFS?

    As i understand (i don't use quota) you put quota per file system, not per share. In this case root is accessing the fs (no_root_squash), so here i am not sure if quotas do apply to the root user, if they apply you'll need to edit the quota manually in terminal.

  • Ok, After reading and trying things out, I seem to run into issues. My original hope was that I could have PLEX directories for media that would be NFS per the recommendations above. ** NOTE: VMWARE NFS shares work ** And then, I was hoping that those same directories could also be CIFS shares that I could access from my MAC.


    I found this to be incompatible (right?). So, I could add/remove files from CIFS, but plex couldn't necessarily delete or manage the same files. So, I toggled the permissions for the NFS, and then the macos CIFS connection would lose permissions.


    Is there a recommended path?

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!